| 1 | /* $NetBSD: cleanup.c,v 1.6 2017/02/14 01:16:44 christos Exp $ */ |
| 2 | |
| 3 | /*++ |
| 4 | /* NAME |
| 5 | /* cleanup 8 |
| 6 | /* SUMMARY |
| 7 | /* canonicalize and enqueue Postfix message |
| 8 | /* SYNOPSIS |
| 9 | /* \fBcleanup\fR [generic Postfix daemon options] |
| 10 | /* DESCRIPTION |
| 11 | /* The \fBcleanup\fR(8) daemon processes inbound mail, inserts it |
| 12 | /* into the \fBincoming\fR mail queue, and informs the queue |
| 13 | /* manager of its arrival. |
| 14 | /* |
| 15 | /* The \fBcleanup\fR(8) daemon always performs the following transformations: |
| 16 | /* .IP \(bu |
| 17 | /* Insert missing message headers: (\fBResent-\fR) \fBFrom:\fR, |
| 18 | /* \fBTo:\fR, \fBMessage-Id:\fR, and \fBDate:\fR. |
| 19 | /* .IP \(bu |
| 20 | /* Transform envelope and header addresses to the standard |
| 21 | /* \fIuser@fully-qualified-domain\fR form that is expected by other |
| 22 | /* Postfix programs. |
| 23 | /* This task is delegated to the \fBtrivial-rewrite\fR(8) daemon. |
| 24 | /* .IP \(bu |
| 25 | /* Eliminate duplicate envelope recipient addresses. |
| 26 | /* .IP \(bu |
| 27 | /* Remove message headers: \fBBcc\fR, \fBContent-Length\fR, |
| 28 | /* \fBResent-Bcc\fR, \fBReturn-Path\fR. |
| 29 | /* .PP |
| 30 | /* The following address transformations are optional: |
| 31 | /* .IP \(bu |
| 32 | /* Optionally, rewrite all envelope and header addresses according |
| 33 | /* to the mappings specified in the \fBcanonical\fR(5) lookup tables. |
| 34 | /* .IP \(bu |
| 35 | /* Optionally, masquerade envelope sender addresses and message |
| 36 | /* header addresses (i.e. strip host or domain information below |
| 37 | /* all domains listed in the \fBmasquerade_domains\fR parameter, |
| 38 | /* except for user names listed in \fBmasquerade_exceptions\fR). |
| 39 | /* By default, address masquerading does not affect envelope recipients. |
| 40 | /* .IP \(bu |
| 41 | /* Optionally, expand envelope recipients according to information |
| 42 | /* found in the \fBvirtual\fR(5) lookup tables. |
| 43 | /* .PP |
| 44 | /* The \fBcleanup\fR(8) daemon performs sanity checks on the content of |
| 45 | /* each message. When it finds a problem, by default it returns a |
| 46 | /* diagnostic status to the client, and leaves it up to the client |
| 47 | /* to deal with the problem. Alternatively, the client can request |
| 48 | /* the \fBcleanup\fR(8) daemon to bounce the message back to the sender |
| 49 | /* in case of trouble. |
| 50 | /* STANDARDS |
| 51 | /* RFC 822 (ARPA Internet Text Messages) |
| 52 | /* RFC 2045 (MIME: Format of Internet Message Bodies) |
| 53 | /* RFC 2046 (MIME: Media Types) |
| 54 | /* RFC 2822 (Internet Message Format) |
| 55 | /* RFC 3463 (Enhanced Status Codes) |
| 56 | /* RFC 3464 (Delivery status notifications) |
| 57 | /* RFC 5322 (Internet Message Format) |
| 58 | /* DIAGNOSTICS |
| 59 | /* Problems and transactions are logged to \fBsyslogd\fR(8). |
| 60 | /* BUGS |
| 61 | /* Table-driven rewriting rules make it hard to express \fBif then |
| 62 | /* else\fR and other logical relationships. |
| 63 | /* CONFIGURATION PARAMETERS |
| 64 | /* .ad |
| 65 | /* .fi |
| 66 | /* Changes to \fBmain.cf\fR are picked up automatically, as |
| 67 | /* \fBcleanup\fR(8) |
| 68 | /* processes run for only a limited amount of time. Use the command |
| 69 | /* "\fBpostfix reload\fR" to speed up a change. |
| 70 | /* |
| 71 | /* The text below provides only a parameter summary. See |
| 72 | /* \fBpostconf\fR(5) for more details including examples. |
| 73 | /* COMPATIBILITY CONTROLS |
| 74 | /* .ad |
| 75 | /* .fi |
| 76 | /* .IP "\fBundisclosed_recipients_header (see 'postconf -d' output)\fR" |
| 77 | /* Message header that the Postfix \fBcleanup\fR(8) server inserts when a |
| 78 | /* message contains no To: or Cc: message header. |
| 79 | /* .PP |
| 80 | /* Available in Postfix version 2.1 only: |
| 81 | /* .IP "\fBenable_errors_to (no)\fR" |
| 82 | /* Report mail delivery errors to the address specified with the |
| 83 | /* non-standard Errors-To: message header, instead of the envelope |
| 84 | /* sender address (this feature is removed with Postfix version 2.2, is |
| 85 | /* turned off by default with Postfix version 2.1, and is always turned on |
| 86 | /* with older Postfix versions). |
| 87 | /* .PP |
| 88 | /* Available in Postfix version 2.6 and later: |
| 89 | /* .IP "\fBalways_add_missing_headers (no)\fR" |
| 90 | /* Always add (Resent-) From:, To:, Date: or Message-ID: headers |
| 91 | /* when not present. |
| 92 | /* .PP |
| 93 | /* Available in Postfix version 2.9 and later: |
| 94 | /* .IP "\fBenable_long_queue_ids (no)\fR" |
| 95 | /* Enable long, non-repeating, queue IDs (queue file names). |
| 96 | /* .PP |
| 97 | /* Available in Postfix version 3.0 and later: |
| 98 | /* .IP "\fBmessage_drop_headers (bcc, content-length, resent-bcc, return-path)\fR" |
| 99 | /* Names of message headers that the \fBcleanup\fR(8) daemon will remove |
| 100 | /* after applying \fBheader_checks\fR(5) and before invoking Milter applications. |
| 101 | /* BUILT-IN CONTENT FILTERING CONTROLS |
| 102 | /* .ad |
| 103 | /* .fi |
| 104 | /* Postfix built-in content filtering is meant to stop a flood of |
| 105 | /* worms or viruses. It is not a general content filter. |
| 106 | /* .IP "\fBbody_checks (empty)\fR" |
| 107 | /* Optional lookup tables for content inspection as specified in |
| 108 | /* the \fBbody_checks\fR(5) manual page. |
| 109 | /* .IP "\fBheader_checks (empty)\fR" |
| 110 | /* Optional lookup tables for content inspection of primary non-MIME |
| 111 | /* message headers, as specified in the \fBheader_checks\fR(5) manual page. |
| 112 | /* .PP |
| 113 | /* Available in Postfix version 2.0 and later: |
| 114 | /* .IP "\fBbody_checks_size_limit (51200)\fR" |
| 115 | /* How much text in a message body segment (or attachment, if you |
| 116 | /* prefer to use that term) is subjected to body_checks inspection. |
| 117 | /* .IP "\fBmime_header_checks ($header_checks)\fR" |
| 118 | /* Optional lookup tables for content inspection of MIME related |
| 119 | /* message headers, as described in the \fBheader_checks\fR(5) manual page. |
| 120 | /* .IP "\fBnested_header_checks ($header_checks)\fR" |
| 121 | /* Optional lookup tables for content inspection of non-MIME message |
| 122 | /* headers in attached messages, as described in the \fBheader_checks\fR(5) |
| 123 | /* manual page. |
| 124 | /* .PP |
| 125 | /* Available in Postfix version 2.3 and later: |
| 126 | /* .IP "\fBmessage_reject_characters (empty)\fR" |
| 127 | /* The set of characters that Postfix will reject in message |
| 128 | /* content. |
| 129 | /* .IP "\fBmessage_strip_characters (empty)\fR" |
| 130 | /* The set of characters that Postfix will remove from message |
| 131 | /* content. |
| 132 | /* BEFORE QUEUE MILTER CONTROLS |
| 133 | /* .ad |
| 134 | /* .fi |
| 135 | /* As of version 2.3, Postfix supports the Sendmail version 8 |
| 136 | /* Milter (mail filter) protocol. When mail is not received via |
| 137 | /* the smtpd(8) server, the cleanup(8) server will simulate |
| 138 | /* SMTP events to the extent that this is possible. For details |
| 139 | /* see the MILTER_README document. |
| 140 | /* .IP "\fBnon_smtpd_milters (empty)\fR" |
| 141 | /* A list of Milter (mail filter) applications for new mail that |
| 142 | /* does not arrive via the Postfix \fBsmtpd\fR(8) server. |
| 143 | /* .IP "\fBmilter_protocol (6)\fR" |
| 144 | /* The mail filter protocol version and optional protocol extensions |
| 145 | /* for communication with a Milter application; prior to Postfix 2.6 |
| 146 | /* the default protocol is 2. |
| 147 | /* .IP "\fBmilter_default_action (tempfail)\fR" |
| 148 | /* The default action when a Milter (mail filter) application is |
| 149 | /* unavailable or mis-configured. |
| 150 | /* .IP "\fBmilter_macro_daemon_name ($myhostname)\fR" |
| 151 | /* The {daemon_name} macro value for Milter (mail filter) applications. |
| 152 | /* .IP "\fBmilter_macro_v ($mail_name $mail_version)\fR" |
| 153 | /* The {v} macro value for Milter (mail filter) applications. |
| 154 | /* .IP "\fBmilter_connect_timeout (30s)\fR" |
| 155 | /* The time limit for connecting to a Milter (mail filter) |
| 156 | /* application, and for negotiating protocol options. |
| 157 | /* .IP "\fBmilter_command_timeout (30s)\fR" |
| 158 | /* The time limit for sending an SMTP command to a Milter (mail |
| 159 | /* filter) application, and for receiving the response. |
| 160 | /* .IP "\fBmilter_content_timeout (300s)\fR" |
| 161 | /* The time limit for sending message content to a Milter (mail |
| 162 | /* filter) application, and for receiving the response. |
| 163 | /* .IP "\fBmilter_connect_macros (see 'postconf -d' output)\fR" |
| 164 | /* The macros that are sent to Milter (mail filter) applications |
| 165 | /* after completion of an SMTP connection. |
| 166 | /* .IP "\fBmilter_helo_macros (see 'postconf -d' output)\fR" |
| 167 | /* The macros that are sent to Milter (mail filter) applications |
| 168 | /* after the SMTP HELO or EHLO command. |
| 169 | /* .IP "\fBmilter_mail_macros (see 'postconf -d' output)\fR" |
| 170 | /* The macros that are sent to Milter (mail filter) applications |
| 171 | /* after the SMTP MAIL FROM command. |
| 172 | /* .IP "\fBmilter_rcpt_macros (see 'postconf -d' output)\fR" |
| 173 | /* The macros that are sent to Milter (mail filter) applications |
| 174 | /* after the SMTP RCPT TO command. |
| 175 | /* .IP "\fBmilter_data_macros (see 'postconf -d' output)\fR" |
| 176 | /* The macros that are sent to version 4 or higher Milter (mail |
| 177 | /* filter) applications after the SMTP DATA command. |
| 178 | /* .IP "\fBmilter_unknown_command_macros (see 'postconf -d' output)\fR" |
| 179 | /* The macros that are sent to version 3 or higher Milter (mail |
| 180 | /* filter) applications after an unknown SMTP command. |
| 181 | /* .IP "\fBmilter_end_of_data_macros (see 'postconf -d' output)\fR" |
| 182 | /* The macros that are sent to Milter (mail filter) applications |
| 183 | /* after the message end-of-data. |
| 184 | /* .PP |
| 185 | /* Available in Postfix version 2.5 and later: |
| 186 | /* .IP "\fBmilter_end_of_header_macros (see 'postconf -d' output)\fR" |
| 187 | /* The macros that are sent to Milter (mail filter) applications |
| 188 | /* after the end of the message header. |
| 189 | /* .PP |
| 190 | /* Available in Postfix version 2.7 and later: |
| 191 | /* .IP "\fBmilter_header_checks (empty)\fR" |
| 192 | /* Optional lookup tables for content inspection of message headers |
| 193 | /* that are produced by Milter applications. |
| 194 | /* .PP |
| 195 | /* Available in Postfix version 3.1 and later: |
| 196 | /* .IP "\fBmilter_macro_defaults (empty)\fR" |
| 197 | /* Optional list of \fIname=value\fR pairs that specify default |
| 198 | /* values for arbitrary macros that Postfix may send to Milter |
| 199 | /* applications. |
| 200 | /* MIME PROCESSING CONTROLS |
| 201 | /* .ad |
| 202 | /* .fi |
| 203 | /* Available in Postfix version 2.0 and later: |
| 204 | /* .IP "\fBdisable_mime_input_processing (no)\fR" |
| 205 | /* Turn off MIME processing while receiving mail. |
| 206 | /* .IP "\fBmime_boundary_length_limit (2048)\fR" |
| 207 | /* The maximal length of MIME multipart boundary strings. |
| 208 | /* .IP "\fBmime_nesting_limit (100)\fR" |
| 209 | /* The maximal recursion level that the MIME processor will handle. |
| 210 | /* .IP "\fBstrict_8bitmime (no)\fR" |
| 211 | /* Enable both strict_7bit_headers and strict_8bitmime_body. |
| 212 | /* .IP "\fBstrict_7bit_headers (no)\fR" |
| 213 | /* Reject mail with 8-bit text in message headers. |
| 214 | /* .IP "\fBstrict_8bitmime_body (no)\fR" |
| 215 | /* Reject 8-bit message body text without 8-bit MIME content encoding |
| 216 | /* information. |
| 217 | /* .IP "\fBstrict_mime_encoding_domain (no)\fR" |
| 218 | /* Reject mail with invalid Content-Transfer-Encoding: information |
| 219 | /* for the message/* or multipart/* MIME content types. |
| 220 | /* .PP |
| 221 | /* Available in Postfix version 2.5 and later: |
| 222 | /* .IP "\fBdetect_8bit_encoding_header (yes)\fR" |
| 223 | /* Automatically detect 8BITMIME body content by looking at |
| 224 | /* Content-Transfer-Encoding: message headers; historically, this |
| 225 | /* behavior was hard-coded to be "always on". |
| 226 | /* AUTOMATIC BCC RECIPIENT CONTROLS |
| 227 | /* .ad |
| 228 | /* .fi |
| 229 | /* Postfix can automatically add BCC (blind carbon copy) |
| 230 | /* when mail enters the mail system: |
| 231 | /* .IP "\fBalways_bcc (empty)\fR" |
| 232 | /* Optional address that receives a "blind carbon copy" of each message |
| 233 | /* that is received by the Postfix mail system. |
| 234 | /* .PP |
| 235 | /* Available in Postfix version 2.1 and later: |
| 236 | /* .IP "\fBsender_bcc_maps (empty)\fR" |
| 237 | /* Optional BCC (blind carbon-copy) address lookup tables, indexed |
| 238 | /* by sender address. |
| 239 | /* .IP "\fBrecipient_bcc_maps (empty)\fR" |
| 240 | /* Optional BCC (blind carbon-copy) address lookup tables, indexed by |
| 241 | /* recipient address. |
| 242 | /* ADDRESS TRANSFORMATION CONTROLS |
| 243 | /* .ad |
| 244 | /* .fi |
| 245 | /* Address rewriting is delegated to the \fBtrivial-rewrite\fR(8) daemon. |
| 246 | /* The \fBcleanup\fR(8) server implements table driven address mapping. |
| 247 | /* .IP "\fBempty_address_recipient (MAILER-DAEMON)\fR" |
| 248 | /* The recipient of mail addressed to the null address. |
| 249 | /* .IP "\fBcanonical_maps (empty)\fR" |
| 250 | /* Optional address mapping lookup tables for message headers and |
| 251 | /* envelopes. |
| 252 | |
|---|